commit d5e1c372c97dce4955f0836e98b9f3abc6ad10a3
author Benjamin Wright <benwright@webrtc.org> Wed Mar 13 23:59:54 2019
committer Commit Bot <commit-bot@chromium.org> Thu Mar 14 03:53:24 2019
tree 9cabb210194b77110cd121c43de269e0a73754c9
parent 3aa584ff11d0d4e1e5360b307f73d2cd8a6d4d76

SSLCertificate basic fuzzer.

This change simply calls through all code paths in the SSLCertificate interface
after passing in an untrusted PEM string. Corpus will follow in another CL.

Bug: webrtc:10395
Change-Id: I001642fa89a84ce01505780f5e76f01a0e46a785
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/127640
Commit-Queue: Benjamin Wright <benwright@webrtc.org>
Reviewed-by: Steve Anton <steveanton@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#27118}

test/fuzzers/BUILD.gn

diff --git a/test/fuzzers/BUILD.gn b/test/fuzzers/BUILD.gn
index 7418822..99eb434 100644
--- a/test/fuzzers/BUILD.gn
+++ b/test/fuzzers/BUILD.gn
@@ -619,3 +619,12 @@
     "../../modules/rtp_rtcp",
   ]
 }
+
+webrtc_fuzzer_test("ssl_certificate_fuzzer") {
+  sources = [
+    "rtp_header_parser_fuzzer.cc",
+  ]
+  deps = [
+    "../../modules/rtp_rtcp",
+  ]
+}

test/fuzzers/ssl_certificate_fuzzer.cc

diff --git a/test/fuzzers/ssl_certificate_fuzzer.cc b/test/fuzzers/ssl_certificate_fuzzer.cc
new file mode 100644
index 0000000..50632f6
--- /dev/null
+++ b/test/fuzzers/ssl_certificate_fuzzer.cc
@@ -0,0 +1,47 @@
+/*
+ *  Copyright (c) 2019 The WebRTC project authors. All Rights Reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#include <stddef.h>
+#include <stdint.h>
+#include <string>
+
+#include "rtc_base/ssl_certificate.h"
+#include "rtc_base/string_encode.h"
+
+namespace webrtc {
+
+void FuzzOneInput(const uint8_t* data, size_t size) {
+  std::string pem_certificate(reinterpret_cast<const char*>(data), size);
+
+  std::unique_ptr<rtc::SSLCertificate> cert =
+      rtc::SSLCertificate::FromPEMString(pem_certificate);
+
+  if (cert == nullptr) {
+    return;
+  }
+
+  cert->Clone();
+  cert->GetStats();
+  cert->ToPEMString();
+  cert->CertificateExpirationTime();
+
+  std::string algorithm;
+  cert->GetSignatureDigestAlgorithm(algorithm);
+
+  unsigned char digest[rtc::MessageDigest::kMaxSize];
+  size_t digest_len;
+  cert->ComputeDigest(algorithm, digest, rtc::MessageDigest::kMaxSize,
+                      &digest_len);
+
+  rtc::Buffer der_buffer;
+  cert->ToDER(&der_buffer);
+}
+
+}  // namespace webrtc